Archive for June 20th, 2019

I will try to explain in a simple way what a buffer overflow is.
A buffer is a fixed-length memory block where you put your data. If you put more data into the buffer than its capacity, the data will overflow. It is like an empty 100 ml glass: if you pour 120 ml of water into it, 20 ml of water will flow over the glass.
Of course, a buffer overflow is much more complex than that.

Based on the NVD (National Vulnerability Database), the US government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), buffer overflow is still the most frequently occurring vulnerability of the last quarter century (1988 – 2012). It accounts for 35% of the top vulnerability types with critical severity. Buffer overflows were still being reported in 2019, although the percentage is not that high.

The history of buffer overflows started in 1988, when Robert Morris, a student at Cornell University, created the Morris Worm. It was the first computer worm, launched in November 1988. The Morris Worm took advantage of the gets() function in Unix fingerd. The worm spread very fast among the Unix machines of that time.
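
The glass analogy and the gets() problem above, as an added example that is not part of the original post: a bounded line reader in C that is told the buffer's capacity, which gets() never is. The names `read_line_bounded`, `pour` and `GLASS`, and the sample input, are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define GLASS 100 /* buffer capacity in bytes, like the 100 ml glass */

/* gets(buf) takes no capacity, so a long line is written past the end of
 * buf. This reader stores at most cap-1 bytes plus the terminator and returns
 * how many bytes did not fit (0 = all stored, -1 = no input or cap == 0). */
long read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (cap == 0 || fgets(buf, (int)cap, in) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') { /* whole line fitted */
        buf[len - 1] = '\0';
        return 0;
    }
    /* Line was cut short or input ended: discard the rest of the line so
     * leftover bytes are not read as the next line, and count them. */
    long spilled = 0;
    int c;
    while ((c = fgetc(in)) != EOF && c != '\n')
        spilled++;
    return spilled;
}

/* Constructed input: a line of n 'A' bytes in a temp file, read back into
 * a GLASS-byte buffer. Returns the number of bytes refused. */
long pour(size_t n, char *buf)
{
    FILE *f = tmpfile();
    if (f == NULL)
        return -1;
    for (size_t i = 0; i < n; i++)
        fputc('A', f);
    fputc('\n', f);
    rewind(f);
    long spilled = read_line_bounded(f, buf, GLASS);
    fclose(f);
    return spilled;
}

int main(void)
{
    char glass[GLASS] = "";
    long spilled = pour(120, glass);
    printf("kept %zu bytes, refused %ld\n", strlen(glass), spilled);
    return 0;
}
```

Pouring 120 bytes keeps 99 and refuses 21, one more than the analogy's 20, because the last byte of the buffer holds the string terminator.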

Computer worms and viruses are ‘malicious software’, also called ‘malware’ or ‘malcode’. They are designed to damage, steal, or do other ‘bad’ things to data, hosts or networks. The only difference is that a virus needs a host program to spread, while a worm is standalone. A worm spreads by exploiting vulnerabilities in the target system.